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4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) |EI Claim(s) 2-10 and 12-28 is/are rejected. 
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Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 .17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1 .1 14, and the fee set forth in 37 CFR 
1 .17(e) has been timely paid, the finality of the previous Office action has been 
withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on November 5, 
2009 has been entered. 

1 . Claims 2-1 0, and 1 2-28 are currently pending consideration. 
Response to Arguments 

Applicant's arguments filed November 5, 2009 have been fully considered but they are 
not persuasive for the following reasons: 

Regarding claim 21 , the Applicant argues that the Cited Prior Art (CPA), Wood et al. 
(U.S. Patent Pub. US 2004/021071 1), does not disclose that one or more processes are 
associated with a session identification code. This argument is not found persuasive. 
The CPA discloses session continuity in which each interaction (process) between the 
entity and the information environment has a session credential associated with it 
(paragraph 0045). Therefore, each successive interaction and/or on the change of a 
credential level, will issue a new session credential (session identification code) to the 
process (paragraph 0045). 
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Regarding the new claims 23-24, tine Applicant argues that the CPA does not teach a 
process which is created by a process operated by the original session. This is not 
found persuasive. The subsequent interactions after the original session is created are 
each created by the first process (of setting up the session) and therefore are 
interpreted as child processes created by a first process (paragraph 0045). 
Therefore, the arguments are not found persuasive and the rejection is maintained and 
applied to the new claims as given below. 



Claim Rejections - 35 USC § 102 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



7. Claims 2-3, 7-10, 12-13, and 17-22 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Wood et al. (US 2004/0210771). 
Regarding Claims 8, 18, 21, 22, 23, and 24: 

Wood discloses a security system for real time monitoring and controlling of 
communication sessions within a network server environment ("Providing a persistent 
session in a networked information environment includes associating a unique session 
identifier with a set of access requests originating from a client entity and maintaining 
the unique session identifier across a credential level change" See paragraph 11), 
wherein each original session enables operating a sequence of processes including 
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operations carried out in tine server environment ("Session continuity means the 
maintenance of coherent session state across one or more interaction between an 
entity and an information environment." See paragraph 45), the system having at least 
one server ("A secure information system includes plural information resources host on 
one or servers coupled via a communication network to a client entity." See paragraph 
15) enabling to communicate with a multiplicity of client users ("Client Browser" See fig. 
1 ref. no. 170 and "In general a wide variety of entities, including human users operation 
browser and/or non-browser client applications as well as automated agents or 
systems, may interact with enterprise applications and/or resources 190 and the 
security architecture as described herein." See paragraph 41) via at least one 
communication network ("Communication network" See paragraph 15), wherein each 
client user enables accessing portals and operating sessions in the portals ("A variety of 
information resource identification schemes, such as by Uniform Resource Locator 
(URL), resource address, identifier or namespace designation, may be employed." See 
paragraph 41), and at least one module operated by the at least one server 
("Gatekeeper," "Log-In," "Authentication," "Authorization," "Identification," and "Session" 
See fig. 1 ref. nos. 110, 120, 130, 140, 150, and 160), wherein the at least one module 
enables associating a session ID to the original session of the client user ("If no session 
token is present or if a session token is invalid, gatekeeper/entry handler component 
1 10 establishes a new session." See paragraph 47) and to each process in the 
sequence of processes operated by the original session, ("Gatekeeper functionality (e.g. 
in gatekeeper/entry handler component 110) checks whether a session is already 
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associated with the incoming request." See paragraphs 44-47) wherein the session ID 
enables determining an authorization level ("Authenticated Trust Level" See paragraph 
46) of session in accordance with predefined determination rules ("The mapping of login 
credential types and authentication mechanisms to trust levels is influenced by 
environment information such as time of request, source of request, connection speed, 
and/or client application (e.g., browser) environment information." See paragraphs 37- 
38), where the determination rules refer to the properties of the original session 
("Security requirements are expressed in terms of trust levels and login component 120 
obtains login credentials for an entity requesting access to one of the enterprise 
applications and/or resources 190." See paragraph 35), wherein each session ID is 
related to the manner in which the client user has operated the original session ("The 
login credentials obtained are selected from a set of credential types that, if 
authenticated are sufficient to achieve the trust level requirement of an application or 
information resource to be accessed." See paragraph 35), wherein each process in the 
sequence is associated in real time with the same session ID of the original session 
enabling the module to continuously monitor operation of each process of each client 
user ("In the case of a pre-existing session, the signed session credential may be 
obtained using a received session token." See paragraph 48), while the at least one 
server enables operating the processes of each original session according to the 
authorization level related to the session ID ("Authorization component 140 may base its 
allow, redirect, or refuse response on a current trust level previously associated with the 
signed session credentials." See paragraph 48). Furthermore, it also teaches 
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associating tlie session identification code of tine communication session at least to a 
child process (paragraph 0045: wherein the subsequent interactions after the original 
session is created are each created by the first process (of setting up the session) and 
therefore are interpreted as child processes created by a first process) and each child 
process is operated at the authorization level of the session credential at the time of the 
last credential change (see paragraph 0045). 
Regarding Claims 2 and 12: 

Wood discloses a filtering module installed at the at least one server for blocking 
unauthorized processes in accordance with determined authorization level 
("Authorization component 140 responds with an allow, redirect, or refuse response 
based on the sufficiency of a current trust level." See paragraph 48). 
Regarding Claims 3 and 13: 

Wood discloses at least one agent installed on the at least one server, the agent 
enable correlating between processes and sessions on different servers ("Gatekeeper 
and entry handler component 110 provides an entry point for external client applications 
requesting access to enterprise applications and/or resources 190, including e.g., 
information resources 191, 192, 193, for which access management is provided by the 
security architecture." See paragraph 33). 
Regarding Claims 7 and 17: 

Wood discloses the identified session properties are sign in parameters ("Login 
component 120 operating in conjunction with gatekeeper/entry handler component 110 
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and other components of the security architecture, provides a single sign-on interface 
for access to enterprise applications and/or resources 190." See paragraph 35). 
Regarding Claims 9 and 19: 

Wood discloses the identified session properties are hyperlink session address 
type parameters ("In some configuration, information on line speed, origination point 
(e.g., inside or outside of a corporate network), browser type, encryptions capability, 
number of hops latency, system type, etc. may be gather." See paragraph 43). 
Regarding Claim 10 and 20: 

Wood discloses the original session is identified according to a unique 
Transmission Control Protocol port ID ("For network connection, similar environment 
information may be obtained from incoming requests themselves or based on a 
particular entry point (e.g. a particular router or port)." See paragraph 43). 
Regarding claims 25 and 26: 

Wood discloses producing a hierarchical structure of processes at the kernel 
level (paragraph 0045) and referring to each process to the hierarchical tree said each 
process belongs to (paragraph 0045: wherein the subsequent interactions after the 
original session is created are each created by the first process (of setting up the 
session) and therefore are interpreted as child processes created by a first process) and 
each child process is operated at the authorization level of the session credential at the 
time of the last credential change (see paragraph 0045). 
Regarding claims 27 and 28: 
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Wood discloses that the sequence of processes creates an additional process, 
and the additional process is associated with the session identification code (paragraph 
0045: wherein the subsequent interactions after the original session is created are each 
created by the first process (of setting up the session) and therefore are interpreted as 
child processes created by a first process) and each child process Is operated at the 
authorization level of the session credential at the time of the last credential change 
(see paragraph 0045). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 4-6 and 14-16 are rejected under 35 U.S.C. 103(a) as being obvious over 
Wood et al. (US 2004/0210771) in view of Carter et al. (US 2003/0051026). 

Wood discloses the above stated security architecture for providing access to 
enterprise applications and resources based on a session token's current trust level 
(See paragraph 35). 
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Wood does not disclose each process has a process information vector wherein 
the session ID of the original session is added to the process information vector of each 
process in the sequence related to the original session. 

Carter discloses a network surveillance and security system for monitoring and 
protecting a computer network that uses a process identification vector to associate a 
user ID with a unique process ID (See paragraph 342 and 363). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the security architecture disclosed by Wood to include using a 
process identification vector to associate a session ID with a unique process ID such as 
that taught by Carter in order to enable the utilization of matrices to track and control 
information and processes (See Carter paragraph 339). 

Conclusion 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KAVEH ABRISHAMKAR whose telephone number Is 
(571 )272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, William Korzuch can be reached on 571-272-7589. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Kaveh Abrishamkar/ 
Primary Examiner, Art Unit 2431 

IK. A./ 
01/15/2010 

Primary Examiner, Art Unit 2431 



